From bac8d4195465f1ebe00f2d7d938ef0effb9f985b Mon Sep 17 00:00:00 2001 From: NATTSiM Date: Mon, 27 Jan 2014 12:51:15 -0800 Subject: [PATCH] Pass IPAddress in getAdminRole --- src/ripple_app/main/RPCHTTPServer.cpp | 10 ++--- src/ripple_app/rpc/RPCServerHandler.cpp | 10 ++--- src/ripple_app/rpc/RPCServerHandler.h | 2 +- src/ripple_app/websocket/WSConnection.cpp | 2 +- src/ripple_core/functional/Config.cpp | 50 ++++++++++++++++++++--- src/ripple_core/functional/Config.h | 16 ++++---- src/ripple_net/basics/RPCServer.h | 2 +- src/ripple_net/basics/impl/RPCServerImp.h | 20 ++------- 8 files changed, 69 insertions(+), 43 deletions(-) diff --git a/src/ripple_app/main/RPCHTTPServer.cpp b/src/ripple_app/main/RPCHTTPServer.cpp index 1f96f74804..d2541d8d05 100644 --- a/src/ripple_app/main/RPCHTTPServer.cpp +++ b/src/ripple_app/main/RPCHTTPServer.cpp @@ -153,7 +153,7 @@ public: void processSession (Job& job, HTTP::Session& session) { session.write (m_deprecatedHandler.processRequest ( - session.content(), session.remoteAddress().withPort(0).to_string())); + session.content(), session.remoteAddress().withPort(0))); session.close(); } @@ -172,7 +172,7 @@ public: } // Stolen directly from RPCServerHandler - std::string processRequest (std::string const& request, std::string const& remoteAddress) + std::string processRequest (std::string const& request, IPAddress const& remoteIPAddress) { Json::Value jvRequest; { @@ -187,14 +187,14 @@ public: } } - Config::Role const role (getConfig ().getAdminRole (jvRequest, remoteAddress)); + Config::Role const role (getConfig ().getAdminRole (jvRequest, remoteIPAddress)); Resource::Consumer usage; if (role == Config::ADMIN) - usage = m_resourceManager.newAdminEndpoint(remoteAddress); + usage = m_resourceManager.newAdminEndpoint (remoteIPAddress.to_string()); else - usage = m_resourceManager.newInboundEndpoint(IPAddress::from_string(remoteAddress)); + usage = m_resourceManager.newInboundEndpoint(remoteIPAddress); if (usage.disconnect ()) return createResponse (503, "Server is overloaded"); diff --git a/src/ripple_app/rpc/RPCServerHandler.cpp b/src/ripple_app/rpc/RPCServerHandler.cpp index 23fcc68e03..65a86d1e6c 100644 --- a/src/ripple_app/rpc/RPCServerHandler.cpp +++ b/src/ripple_app/rpc/RPCServerHandler.cpp @@ -36,7 +36,7 @@ bool RPCServerHandler::isAuthorized ( return HTTPAuthorized (headers); } -std::string RPCServerHandler::processRequest (std::string const& request, std::string const& remoteAddress) +std::string RPCServerHandler::processRequest (std::string const& request, IPAddress const& remoteIPAddress) { Json::Value jvRequest; { @@ -50,15 +50,15 @@ std::string RPCServerHandler::processRequest (std::string const& request, std::s return createResponse (400, "Unable to parse request"); } } - - Config::Role const role (getConfig ().getAdminRole (jvRequest, remoteAddress)); + + Config::Role const role (getConfig ().getAdminRole (jvRequest, remoteIPAddress)); Resource::Consumer usage; if (role == Config::ADMIN) - usage = m_resourceManager.newAdminEndpoint (remoteAddress); + usage = m_resourceManager.newAdminEndpoint (remoteIPAddress.to_string()); else - usage = m_resourceManager.newInboundEndpoint (IPAddress::from_string (remoteAddress)); + usage = m_resourceManager.newInboundEndpoint (remoteIPAddress); if (usage.disconnect ()) return createResponse (503, "Server is overloaded"); diff --git a/src/ripple_app/rpc/RPCServerHandler.h b/src/ripple_app/rpc/RPCServerHandler.h index ffbf4453bb..f7aadadbee 100644 --- a/src/ripple_app/rpc/RPCServerHandler.h +++ b/src/ripple_app/rpc/RPCServerHandler.h @@ -33,7 +33,7 @@ public: bool isAuthorized (std::map const& headers); - std::string processRequest (std::string const& request, std::string const& remoteAddress); + std::string processRequest (std::string const& request, IPAddress const& remoteIPAddress); private: NetworkOPs& m_networkOPs; diff --git a/src/ripple_app/websocket/WSConnection.cpp b/src/ripple_app/websocket/WSConnection.cpp index a193ab5813..11fe3f0ced 100644 --- a/src/ripple_app/websocket/WSConnection.cpp +++ b/src/ripple_app/websocket/WSConnection.cpp @@ -139,7 +139,7 @@ Json::Value WSConnection::invokeCommand (Json::Value& jvRequest) Config::Role const role = m_isPublic ? Config::GUEST // Don't check on the public interface. : getConfig ().getAdminRole ( - jvRequest, m_remoteAddress.withPort(0).to_string()); + jvRequest, m_remoteAddress.withPort(0)); if (Config::FORBID == role) { diff --git a/src/ripple_core/functional/Config.cpp b/src/ripple_core/functional/Config.cpp index bb3e6cdfea..3751f91d9f 100644 --- a/src/ripple_core/functional/Config.cpp +++ b/src/ripple_core/functional/Config.cpp @@ -29,6 +29,43 @@ #define DEFAULT_FEE_OFFER DEFAULT_FEE_DEFAULT #define DEFAULT_FEE_OPERATION 1 +/** Parses a set of strings into IP::Endpoint + Strings which fail to parse are not included in the output. If a stream is + provided, human readable diagnostic error messages are written for each + failed parse. + @param out An OutputSequence to store the IP::Endpoint list + @param first The begining of the string input sequence + @param last The one-past-the-end of the string input sequence +*/ +template +void parseAddresses (OutputSequence& out, InputIterator first, InputIterator last, + Journal::Stream stream = Journal::Stream ()) +{ + while (first != last) + { + typename std::iterator_traits ::value_type const& str (*first); + ++first; + { + IPAddress const addr (IPAddress::from_string (str)); + if (! addr.empty ()) + { + out.push_back (addr); + continue; + } + } + { + IPAddress const addr (IPAddress::from_string_altform (str)); + if (! addr.empty ()) + { + out.push_back (addr); + continue; + } + } + if (stream) stream << + "Config: \"" << str << "\" is not a valid IP address."; + } +} + //------------------------------------------------------------------------------ Config::Config () @@ -70,7 +107,7 @@ Config::Config () LEDGER_CREATOR = false; RPC_ALLOW_REMOTE = false; - RPC_ADMIN_ALLOW.push_back ("127.0.0.1"); + RPC_ADMIN_ALLOW.push_back (beast::IPAddress::from_string("127.0.0.1")); PEER_SSL_CIPHER_LIST = DEFAULT_PEER_SSL_CIPHER_LIST; PEER_SCAN_INTERVAL_MIN = DEFAULT_PEER_SCAN_INTERVAL_MIN; @@ -322,7 +359,10 @@ void Config::load () if (smtTmp) { - RPC_ADMIN_ALLOW = *smtTmp; + std::vector parsedAddresses; + parseAddresses, std::vector::const_iterator> + (parsedAddresses, (*smtTmp).cbegin(), (*smtTmp).cend()); + RPC_ADMIN_ALLOW = parsedAddresses; } (void) SectionSingleB (secConfig, SECTION_RPC_ADMIN_PASSWORD, RPC_ADMIN_PASSWORD); @@ -789,7 +829,7 @@ void Config::setRpcIpAndOptionalPort (std::string const& newAddress) //------------------------------------------------------------------------------ -Config::Role Config::getAdminRole (Json::Value const& params, std::string const& strRemoteIp) const +Config::Role Config::getAdminRole (Json::Value const& params, beast::IPAddress const& remoteIp) const { Config::Role role; bool bPasswordSupplied = params.isMember ("admin_user") || params.isMember ("admin_password"); @@ -824,9 +864,9 @@ Config::Role Config::getAdminRole (Json::Value const& params, std::string const& // Meets IP restriction for admin. bool bAdminIP = false; - BOOST_FOREACH (const std::string & strAllowIp, this->RPC_ADMIN_ALLOW) + BOOST_FOREACH (IPAddress const& addr, this->RPC_ADMIN_ALLOW) { - if (strAllowIp == strRemoteIp) + if (addr == remoteIp) bAdminIP = true; } diff --git a/src/ripple_core/functional/Config.h b/src/ripple_core/functional/Config.h index 9f69204883..6e3ae644ca 100644 --- a/src/ripple_core/functional/Config.h +++ b/src/ripple_core/functional/Config.h @@ -273,7 +273,7 @@ public: ADMIN, FORBID }; - Role getAdminRole (Json::Value const& params, std::string const& strRemoteIp) const; + Role getAdminRole (Json::Value const& params, IPAddress const& remoteIp) const; /** Listening port number for peer connections. */ int peerListeningPort; @@ -423,13 +423,13 @@ public: std::string WEBSOCKET_SSL_KEY; // RPC parameters - std::vector RPC_ADMIN_ALLOW; - std::string RPC_ADMIN_PASSWORD; - std::string RPC_ADMIN_USER; - std::string RPC_PASSWORD; - std::string RPC_USER; - bool RPC_ALLOW_REMOTE; - Json::Value RPC_STARTUP; + std::vector RPC_ADMIN_ALLOW; + std::string RPC_ADMIN_PASSWORD; + std::string RPC_ADMIN_USER; + std::string RPC_PASSWORD; + std::string RPC_USER; + bool RPC_ALLOW_REMOTE; + Json::Value RPC_STARTUP; int RPC_SECURE; std::string RPC_SSL_CERT; diff --git a/src/ripple_net/basics/RPCServer.h b/src/ripple_net/basics/RPCServer.h index d6f10d00e4..373fec6c19 100644 --- a/src/ripple_net/basics/RPCServer.h +++ b/src/ripple_net/basics/RPCServer.h @@ -46,7 +46,7 @@ public: @param request The RPC request string. @return The server's response. */ - virtual std::string processRequest (std::string const& request, std::string const& remoteAddress) = 0; + virtual std::string processRequest (std::string const& request, IPAddress const& remoteIPAddress) = 0; }; virtual ~RPCServer () { } diff --git a/src/ripple_net/basics/impl/RPCServerImp.h b/src/ripple_net/basics/impl/RPCServerImp.h index a36683a2d9..dd31aba76b 100644 --- a/src/ripple_net/basics/impl/RPCServerImp.h +++ b/src/ripple_net/basics/impl/RPCServerImp.h @@ -218,23 +218,9 @@ public: std::string handleRequest (const std::string& request) { WriteLog (lsTRACE, RPCServer) << "handleRequest " << request; - - // Figure out the remote address. - // VFALCO TODO Clean up this try/catch nonsense. - // - std::string remoteAddress; - - try - { - remoteAddress = mSocket.PlainSocket ().remote_endpoint ().address ().to_string (); - } - catch (...) - { - // endpoint already disconnected - return ""; - } - - return m_handler.processRequest (request, remoteAddress); + + return m_handler.processRequest (request, beast::IPAddressConversion::from_asio ( + mSocket.PlainSocket ().remote_endpoint().address())); } //--------------------------------------------------------------------------